Enter your idea

YES this please! The issue we run into is when clients need to issue invoices and see reports we are publishing, the "Standard" role is the only role that currently permits this. Hoever the Standard role also grants them the ability to reconcile transactions. This is a NIGHTMARE for us when we have a client who is too hands on and starts undoing our work or does our work without our knowledge - all leading to extra work for us and, worst of all, an awkward interaction between us and our clients where we need to kindly reprimand them. Please save us from this awkward position!

It says the survey is not active - not very helpful?!

I clicked the link and it says its not active

It makes no sense that all standard users (e.g. mostly office admin) get to either have no reports or all reports. So, say that they are in charge of accounts receivable, they can send statements and chase payments but not run an aged receivables report. If you want them to be able to run a receivables report, you have to give them access to all reports including turnover & profits data. Most business owners don't want this. And I believe that it's a system default to now let all users have reporting access. I've clicked the link to do the survey but I think it's closed.

Yes, this is crucial to our business as the accountant needs to run all reports for the creditor and debtor clerks.

They cannot have access to everything but they do need access to do their relevant reports without having access to GL's and Banks.

Any update from Xero on functionality to allow a user "invoice only" access along with "Report" access .

@Kelly Munro.
Is there any feedback yet on this develpment?

The implementation of invoice report features is urgently needed to facilitate accurate and timely reconciliation.

We need to have some employees with access to input invoices and run reports, but not have access to reconcile accounts.

I need an employee to be able to raise invoices and run reports for invoicing without having access to the banks

Granular Access Control – Secure, Zero Trust Permissions
Control-C’s new security model introduces a level of granularity never seen before in managing access to your Xero financial data. Traditionally, giving an employee access to run an Aged Payables or Aged Receivables report meant exposing your entire financial landscape – including sensitive areas like your Profit & Loss, balance sheet, bank transactions, and even other employees’ bonus information. Xero’s native user roles are fairly broad (e.g. standard user or advisor roles grant wide access). Not anymore.

With Control-C’s Zero Trust-based security framework, you can now restrict access to just the specific data or reports your team members need – and nothing more. Want a staff member to run only the Aged Receivables report? You can grant that exact permission, without also giving away the rest of your accounting info. No more over-exposure or “all-or-nothing” access. For example, an accounts clerk can be set up to view and export customer invoices and aging reports, but cannot see the general ledger or payroll details. A junior bookkeeper could be limited to inputting bills and viewing the payables report, without any visibility of bank balances or management reports. You define roles at a fine-grained level – a stark contrast to Xero, where even a read-only user can see almost everything.

This precision access control is built from the ground up, aligning with modern Zero Trust security principles that assume no implicit trust – every access is explicitly granted and minimal. For accountants and compliance officers, this means better internal controls and cleaner audit trails. You can demonstrate that even within your organisation, sensitive financial data is only accessible on a strict need-to-know basis. For instance, an auditor or external accountant could be given a special “Auditor” role on Control-C: read-only access to relevant reports and the audit log, but nothing else. Meanwhile, your sales manager might have access to customer contact list backups (for business continuity) but not to any financials. These tailored permissions greatly reduce the risk of internal data leaks or unnecessary snooping.

For business owners, the benefit is peace of mind and professionalism. You no longer have to say, “I’ll give my assistant access to Xero, but I hope they don’t poke around the salaries or bank accounts.” Instead, you define their role on Control-C to exactly what they require (perhaps invoice creation and nothing else). It shows a commitment to confidentiality: employees see only what’s relevant to their job, which also reduces temptation and errors. And because the platform logs every access and download, you have a full audit trail of who viewed or exported data.

This Zero Trust security model is a unique selling point of Control-C’s platform. It effectively adds a new permission layer on top of Xero’s data, one that many businesses have long wished Xero itself had. By deploying it, you protect sensitive information by default while still empowering your team with the tools they need. The result is a more secure, compliant operation, where data access is precisely aligned with role and purpose – no more, no less.

If you would like to learn more visit Control-C.com or find us in the Xero App Store.

Yes, this would be great. Please implement.

I believe it should be a very important adjustment that should be made. Full access to reports but shouldn't be able to see Bank Accounts & Feeds.

Customize User role (Invoice only - Sales) , user invoice only and customize the access to generate AR aged report or AP aged report only. no need full access to report.

I have just logged a poor review on Trustpilot. Comments in here are not responded to and Xero never justifies ignoring this request.

Disappointing that this has not been implemented + there's no workaround.

Comments going back three years. I'll add my voice to those asking why this hasn't been implemented yet. It's such basic functionality.

Quite literally: how is a salesperson supposed to do their job without access to reports?

Why are we not even getting a response of any kind about this, there are thousands of customers who want this.

Xero - still tinkering with non-functional improvements to font styles, while basic, and desperately needed features are ignored. why hasn't this been done yet?

Can't believe this is still going on!!! We need a user to be able to raise invoices and then chase the overdue invoices by running the aged receivables report, enter their comments on same, instead, we have to get someone else with higher permission pull the report off and email report over and back, updating the comments, an absolute waste of time. Can't be that difficult to give access to a user with Invoice only - Sales access, the option to have editable access to Aged Receivable reports

XERO CAN YOU EXPLAIN PLEASE WHY THIS IS NOT ACTIONED, IT HAS BEEN REQUESTED MULTIPLE TIMES.